Hey all,
i dont know what happend exactly, but somehow my Vaultwarden is having A LOT of problems.
Trying to access it from outside of local intranet gives this screen: (Test for urself)
When Im trying to access it via the same domain from the local intranet, its stuck here:
When Im trying to access it through the IP, i get a bit further and Im at the login screen:
Since its not HTTPS via the IP, i cant login or do anything else ofc.
What I tried:
-
Create new Volume
-
New Docker Container with old version vaultwarden/server:1.26.0 and new volume
-
Rebooted, Restarted my Raspberry 10x, no fix. Restarted my router, no fix.
-
Modified my Config files to make them work better, no difference.
-
Double-checked if Ports are exposed through my Router, they are.
These are my 2 Config files:
- /etc/nginx/sites-enabled/bitwarden.conf
server {
if ($host = bitwarden.furrkan.de) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name bitwarden.furrkan.de;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name bitwarden.furrkan.de;
ssl_certificate /etc/letsencrypt/live/bitwarden.furrkan.de/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/bitwarden.furrkan.de/privkey.pem; # managed by Certbot
ssl_dhparam /etc/ssl/certs/dhparam.pem;
client_max_body_size 128M;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
location / {
proxy_connect_timeout 15;
proxy_read_timeout 15;
proxy_send_timeout 15;
proxy_intercept_errors off;
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8080;
}
location /notifications/hub {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://localhost:3012;
}
location /notifications/hub/negotiate {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8080;
}
error_page 403 404 500 502 503 504 @error_page;
location @error_page {
root /usr/syno/share/nginx;
rewrite (.*) /error.html break;
allow all;
}
}
- ./etc/nginx/nginx.conf
#user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
#resolver 127.0.0.11;
sendfile on;
tcp_nopush on;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
Im running Vaultwarden through portainer. I have lots of others dockers running, they work fine:
These are my ENV Variables:
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
LOG_FILE=/data/vaultwarden.log
TZ=Europe/Berlin
WEBSOCKET_ENABLED=true
LC_ALL=C.UTF-8
DEBIAN_FRONTEND=noninteractive
UDEV=off
ROCKET_PROFILE=release
ROCKET_ADDRESS=0.0.0.0
ROCKET_PORT=80
SIGNUPS_ALLOWED=false
A snippet from the log:
| Version 1.26.0 |
|--------------------------------------------------------------------|
| This is an *unofficial* Bitwarden implementation, DO NOT use the |
| official channels to report bugs/features, regardless of client. |
| Send usage/configuration questions or feature requests to: |
| https://vaultwarden.discourse.group/ |
| Report suspected bugs/issues in the software itself at: |
| https://github.com/dani-garcia/vaultwarden/issues/new |
\--------------------------------------------------------------------/
[INFO] No .env file found.
[2023-01-03 02:27:22.537][vaultwarden][INFO] Private key created correctly.
[2023-01-03 02:27:22.537][vaultwarden][INFO] Public key created correctly.
Running migration 20180114171611
Running migration 20180217205753
Running migration 20180427155151
Running migration 20180508161616
Running migration 20180525232323
Running migration 20180601112529
Running migration 20180711181453
Running migration 20180827172114
Running migration 20180910111213
Running migration 20180919144557
Running migration 20181127152651
Running migration 20190526216651
Running migration 20191010083032
Running migration 20191117011009
Running migration 20200313205045
Running migration 20200409235005
Running migration 20200701214531
Running migration 20200802025025
Running migration 20201130224000
Running migration 20201209173101
Running migration 20210311190243
Running migration 20210315163412
Running migration 20210430233251
Running migration 20210511205202
Running migration 20210701203140
Running migration 20210830193501
Running migration 20211024164321
Running migration 20220117234911
Running migration 20220302210038
[2023-01-03 02:27:23.541][vaultwarden::api::notifications][INFO] Starting WebSockets server on 0.0.0.0:3012
[2023-01-03 02:27:23.546][start][INFO] Rocket has launched from http://0.0.0.0:80
[2023-01-03 02:28:33.782][_][WARN] Remote left: channel closed.
[2023-01-03 02:28:33.782][_][WARN] Remote left: channel closed.
[2023-01-03 02:28:33.783][_][WARN] Remote left: channel closed.
[2023-01-03 02:28:33.784][_][WARN] Remote left: channel closed.
[2023-01-03 02:28:38.687][_][WARN] Remote left: channel closed.
[2023-01-03 02:28:38.689][_][WARN] Remote left: channel closed.
[2023-01-03 02:28:38.689][_][WARN] Remote left: channel closed.
[2023-01-03 02:28:38.692][_][WARN] Remote left: channel closed.
[2023-01-03 02:28:39.296][_][WARN] Remote left: channel closed.
[2023-01-03 02:28:39.296][_][WARN] Remote left: channel closed.
[2023-01-03 02:28:39.297][_][WARN] Remote left: channel closed.
[2023-01-03 02:28:39.297][_][WARN] Remote left: channel closed.
[2023-01-03 02:28:40.145][_][WARN] Remote left: channel closed.
[2023-01-03 02:28:40.146][_][WARN] Remote left: channel closed.
[2023-01-03 02:28:40.148][_][WARN] Remote left: channel closed.
[2023-01-03 02:28:40.149][_][WARN] Remote left: channel closed.
[2023-01-03 02:29:03.622][_][WARN] Remote left: channel closed.
[2023-01-03 02:29:03.624][_][WARN] Remote left: channel closed.
[2023-01-03 02:29:03.629][_][WARN] Remote left: channel closed.
[2023-01-03 02:29:03.636][_][WARN] Remote left: channel closed.
[2023-01-03 02:29:04.474][_][WARN] Remote left: channel closed.
[2023-01-03 02:29:04.474][_][WARN] Remote left: channel closed.
[2023-01-03 02:29:04.479][_][WARN] Remote left: channel closed.
[2023-01-03 02:29:04.479][_][WARN] Remote left: channel closed.
[2023-01-03 02:29:05.999][_][WARN] Remote left: channel closed.
[2023-01-03 02:29:06.000][_][WARN] Remote left: channel closed.
[2023-01-03 02:29:06.001][_][WARN] Remote left: channel closed.
[2023-01-03 02:29:06.003][_][WARN] Remote left: channel closed.
[2023-01-03 02:31:23.937][request][INFO] POST /identity/connect/token
[2023-01-03 02:31:23.940][response][INFO] (login) POST /identity/connect/token => 400 Bad Request
[2023-01-03 02:31:54.393][request][INFO] POST /identity/connect/token
[2023-01-03 02:31:54.394][response][INFO] (login) POST /identity/connect/token => 400 Bad Request
[2023-01-03 02:32:00.678][_][WARN] Remote left: channel closed.
[2023-01-03 02:32:00.679][_][WARN] Remote left: channel closed.
[2023-01-03 02:32:09.055][_][WARN] Remote left: channel closed.
[2023-01-03 02:32:09.056][_][WARN] Remote left: channel closed.
[2023-01-03 02:34:14.396][_][ERROR] No matching routes for HEAD /.
[2023-01-03 02:36:54.334][_][WARN] Parameter guard `p: PathBuf` is forwarding: BadStart('.').
[2023-01-03 02:36:54.334][_][ERROR] No matching routes for GET /.git/config.
[2023-01-03 02:36:54.335][_][WARN] Responding with registered (not_found) 404 catcher.
[2023-01-03 02:36:58.317][_][WARN] Remote left: channel closed.
[2023-01-03 02:36:58.319][_][WARN] Remote left: channel closed.
[2023-01-03 02:36:58.323][_][WARN] Remote left: channel closed.
[2023-01-03 02:36:58.324][_][WARN] Remote left: channel closed.
[2023-01-03 02:37:10.891][_][WARN] Remote left: channel closed.
[2023-01-03 02:37:10.897][_][WARN] Remote left: channel closed.
[2023-01-03 02:37:10.898][_][WARN] Remote left: channel closed.
[2023-01-03 02:37:10.898][_][WARN] Remote left: channel closed.
[2023-01-03 02:38:37.888][request][INFO] POST /identity/connect/token
[2023-01-03 02:38:37.889][response][INFO] (login) POST /identity/connect/token => 400 Bad Request
[2023-01-03 02:38:44.594][_][WARN] Remote left: channel closed.
[2023-01-03 02:38:44.595][_][WARN] Remote left: channel closed.
[2023-01-03 02:38:44.597][_][WARN] Remote left: channel closed.
[2023-01-03 02:48:38.048][request][INFO] POST /identity/connect/token
[2023-01-03 02:48:38.049][response][INFO] (login) POST /identity/connect/token => 400 Bad Request
Can anybody help me to identify why im running into these issues? I can upload any logfiles if needed.
Thanks!
Dear regards,
Furkan